<?php

/*
	This file is part of Mandragon.

    Mandragon is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    Mandragon is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with Mandragon.  If not, see <http://www.gnu.org/licenses/>.
*/

class UserManagementPage {

	private $alerter;
	
	public function __construct() {
		$this->alerter = new Alerter();
	}

	/**
	 * adds extra access checks, dependent on page state
	 */
	function page_inc_check_access($page) {
		check_access("ADMIN");
	}

	function page_inc_execute_action($page, $action) {

		switch($action) {
			case "remove_from_usergroup":
				if ($_POST['submitted'] and $_POST['user_id'] and $_POST['usergroup_id']) {
					$sql = db_query_delete("IN_USERGROUP","user_id = {$_POST['user_id']} AND usergroup_id = {$_POST['usergroup_id']}");
					db_do_query($page, $sql);
					$this->alerter->add_alert("user #{$_POST['user_id']} removed from group #{$_POST['usergroup_id']}");
				}
				break;
			case "add_to_usergroup":
				if ($_POST['submitted'] and $_POST['user_name'] and $_POST['usergroup_id']) {
					$res = db_do_query($page, db_query_select(array(array('user_id')), array('MEMBER'), "nick like '{$_POST['user_name']}'"));
					if (db_num_rows($res) != 1) {
						$this->alerter->add_alert("user '{$_POST['user_name']}' does not exist");
					} else {
						$user = db_fetch_array($res); 
						$user_id = $user['user_id'];
						$sql = db_query_insert(array('user_id', 'usergroup_id'), array($user_id, $_POST['usergroup_id']), "IN_USERGROUP");
						db_do_query($page, $sql);
						$this->alerter->add_alert("user #{$user_id} '{$_POST['user_name']}' added to group #{$_POST['usergroup_id']}");
					}
				}
				break;
			case "new_usergroup":
				$checker = new InputChecker();
				$ok = $checker->check_exists($_POST['group_name'], "groepsnaam") ? 1 : 0;
				$ok = ($checker->check_tags($_POST['group_name'], "groepsnaam") and $ok) ? 1 : 0;
				if ($ok and $_POST['submitted']) {
					$sql = db_query_insert(array('description'), array(db_sqlize($_POST['group_name'])), "USERGROUP");
					db_do_query($page, $sql);
					$this->alerter->add_alert("group #" . db_insert_id() . " added");
				}
				break;
			default:
				$this->alerter->add_alert("unknown action: $action");
				break;
		}
	}

	/**
	 * execute page logic
	 */
	function page_inc_execute($page) {
		global $CONFIG;
		$CONTENT = array();
		$THISDIR = $page->directory_tree[$page->dir_depth-1];
		
		$CONTENT['title'] = "User management panel";
		
		$CONTENT['forms'] = array();
		
		//$members = get_keys_and_values("user_id", "nick", "MEMBER", 1, "nick DESC");
		$groups = get_keys_and_values("usergroup_id", "description", "USERGROUP", 1, "description ASC");
		
		// group creation
		$inputs = array();
		$creator = new FormCreator();
		array_unshift($inputs, $creator->header("Nieuwe groep aanmaken"));
		array_unshift($inputs, $creator->input_field("Groepsnaam", 'group_name'));
		$CONTENT['forms'][] = $creator->create("groupnameform", $inputs, ".usermgm?action=new_usergroup");
		
		// group management: add
		$inputs = array();
		array_unshift($inputs, $creator->header("Iemand aan een groep toevoegen"));
		array_unshift($inputs, $creator->input_field("Gebruiker", 'user_name'));
		array_unshift($inputs, $creator->input_select("Groep", 'usergroup_id', $groups['keys'], $groups['values'], "selecteer een groep"));
		$CONTENT['forms'][] = $creator->create("useringroupform", $inputs, ".usermgm?action=add_to_usergroup");
		
		// group management: remove
		$inputs = array();
		array_unshift($inputs, $creator->header("Iemand uit een groep verwijderen"));
		array_unshift($inputs, $creator->input_select("Groep", 'usergroup_id', $groups['keys'], $groups['values'], "selecteer een groep", "", "document.useroutgroupform.submit()"));
		if (($_GET['action'] == "remove_from_usergroup") and $_POST['usergroup_id']) {
			$sql = db_query_select(array(array(), "MEMBER.user_id, nick"), array("MEMBER INNER JOIN IN_USERGROUP ON MEMBER.user_id = IN_USERGROUP.user_id", "DUMMY"), "usergroup_id = {$_POST['usergroup_id']}", "name ASC");
			$sqlresult = db_do_query($page, $sql);
			$ks = array();
			$vs = array();
			while ($r = db_fetch_array($sqlresult)) {
				array_unshift($ks, $r['user_id']);
				array_unshift($vs, $r['nick']);
			}
			array_unshift($inputs, $creator->input_select("Gebruiker", 'user_id', $ks, $vs, "selecteer een gebruiker"));
		}
		$CONTENT['forms'][] = $creator->create("useroutgroupform", $inputs, ".usermgm?action=remove_from_usergroup");
		
		$page->content = $CONTENT;
	}


	/**
	 * dress up page content using skin stuff
	 */
	function page_inc_dress($page) {
		$forms = array_reverse($page->content['forms']);
		while ($form = array_pop($forms))
			print_form($page, $form);
	}
}

?>
